%term

Tycoon2FA New Evasion Technique for 2025

Apr 10, 2025 By Phil Hay, Rodel Mendrez In Trustwave

The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at slipping past endpoints and detection systems. These include using a custom CAPTCHA rendered via HTML5 canvas, invisible Unicode characters in obfuscated JavaScript, and anti-debugging scripts to thwart inspection. This blog takes a closer look at these methods to better understand how this kit is evolving and what defenders should be aware of.

Read Post

Trustwave

Read more about Tycoon2FA New Evasion Technique for 2025

Prevention isn't enough!

Apr 10, 2025 By Rubrik In Rubrik

Attackers just need to succeed once to get your data. As defenders, we need to get it right 100% of the time. That’s why prevention is no longer enough. Let’s build a proactive strategy for securing your data wherever it lives! Subscribe to our channel to learn more about how Rubrik can help.

View Video

Rubrik

Read more about Prevention isn't enough!

Healthcare's Biggest Cyber Weakness Isn't What You Think

Apr 10, 2025 By Rubrik In Rubrik

Cybersecurity expert Pavlina Pavlova reveals that healthcare breaches aren't happening because of sophisticated attacks, but due to basic security failures like missing multi-factor authentication, delayed patching, and phishing vulnerabilities.

View Video

Rubrik

Read more about Healthcare's Biggest Cyber Weakness Isn't What You Think

OCULAR SPIDER and the Rise of Ransomware-as-a-Service

Apr 10, 2025 By CrowdStrike In CrowdStrike

Ransomware has become more difficult for organizations to defend against, but easier for adversaries to deploy. The rise of ransomware-as-a-service (RaaS) — a model in which ransomware operators write the malware and affiliates pay to launch it — has lowered the barrier to entry so threat actors of all skill levels can participate and profit.

View Video

CrowdStrike

Read more about OCULAR SPIDER and the Rise of Ransomware-as-a-Service

Diskless Infostealer, Next-generation Delivery?

Apr 9, 2025 By Aaron Hau In ThreatSpike

In a recent social-engineering attack targeting the hospitality sector observed by the ThreatSpike team, there appears to be a change in the tactics employed by the threat actor. The hospitality sector, where top-notch customer-service is expected, customer-facing employees are often lucrative targets for phishing, as detailed in our previous blog post.

Read Post

ThreatSpike

Read more about Diskless Infostealer, Next-generation Delivery?

Resurgent North Korean Malware Campaign in npm

Apr 9, 2025 By Veracode Threat Research In Veracode

Hello from the Veracode Research blog! It’s been a minute since we’ve done a malware write-up, but we’re back and ready for action! And speaking of folks who are back and ready for action, the North Korean attackers behind the crypto wallet stealer campaign we wrote about in February of 2024 and again in May of 2024 are back at it with a new batch of malicious npm packages.

Read Post

Veracode

Read more about Resurgent North Korean Malware Campaign in npm

The Cost of Ransomware: Shutdowns & Extortion

Apr 9, 2025 By Josh Breaker-Rolfe In Tripwire

Ransomware is no longer in its heyday. Evolving, AI-driven cybersecurity tools and global law enforcement efforts have seen to that. But that doesn’t mean ransomware is no longer a threat. In fact, in some ways, the danger is greater than ever. While ransomware attacks are less common than they used to be, the consequences of those that succeed are more severe. Earlier this year, the Ponemon Institute published a study revealing massive changes in the ransomware landscape.

Read Post

Tripwire

Read more about The Cost of Ransomware: Shutdowns & Extortion

Data Weaponization: How Cyber Attacks Impact the Vulnerable

Apr 8, 2025 By Rubrik In Rubrik

Welcome to the Data Security Decoded podcast by Rubrik Zero Labs. In this episode, our host Caleb Tolin speaks with Pavlina Pavlova, a researcher and cybersecurity advocate focusing on data weaponization and its disproportionate impact on vulnerable populations. Pavlina defines data weaponization as using data to manipulate, deceive, coerce, or attack someone to inflict harm. Her research investigates why cyber attacks and their impacts often have gendered dimensions, with certain populations experiencing more severe consequences.

View Video

Rubrik

Read more about Data Weaponization: How Cyber Attacks Impact the Vulnerable

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse

Apr 8, 2025 By Serhii Melnyk and Nikita Kazymirskyi In Trustwave

In February 2025, the cybersecurity community witnessed an unprecedented leak that exposed the internal operations of Black Basta, a prolific ransomware group. Trustwave SpiderLabs has taken an in-depth look at the leaked contents, which spell out in detail how the group thinks and operates, revealing discussions on tactics and the effectiveness of various attack tools. Even going so far as to debate the ethical and legal implications of targeting Ascension Health.

Read Post

Trustwave

Read more about Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse

Ep 5: A Cyber Detente

Apr 7, 2025 By Rubrik In Rubrik

Every U.S. administration, dating back to President H.W. Bush has struggled to address the threat of Chinese trade theft. But a growing sense of urgency kicks in as American businesses start hemorrhaging trade secrets and entire product lines start vanishing to Chinese copycats. Just as the Obama Administration is set to do something about it, Edward Snowden shifts the narrative back onto the United States.

View Video